Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
www /
html /
amss /
modules /
supervision /
expand /
[ HOME SHELL ]
Name
Size
Permission
Action
images
[ DIR ]
drwxr-xr-x
detail.php
2.98
KB
-rw-r--r--
index.php
969
B
-rw-r--r--
livesearch_201.php
17.56
KB
-rw-r--r--
report_1.php
29.01
KB
-rw-r--r--
report_2.php
27.99
KB
-rw-r--r--
sp1.php
59.17
KB
-rw-r--r--
sp2.php
6.04
KB
-rw-r--r--
sp3.php
5.98
KB
-rw-r--r--
std_detail3.php
7.95
KB
-rw-r--r--
std_detail4.php
8.99
KB
-rw-r--r--
teach_list.php
18.65
KB
-rw-r--r--
teach_report.php
9.8
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : sp3.php
<?php if(!(isset($_GET['subject_code']))){ $_GET['subject_code']=""; } //กลับ if(isset($_GET['return'])){ $return=$_GET['return']; } else{ $return=0; } if(isset($_GET['page'])){ $page=$_GET['page']; } else{ $page=""; } if(isset($_POST['ref_id'])){ $rec_date = date("Y-m-d"); if($_POST['comment']!=""){ $sql = "insert into supervision_comment(ref_id,person_id,subject_code,comment,rec_date) values ('$_POST[ref_id]', '$_POST[person_index]', '$_POST[subject_code]', '$_POST[comment]' ,'$rec_date')"; $dbquery = mysqli_query($connect,$sql); } function file_upload() { $uploaddir = '../upload_files/'; //ที่เก็บไไฟล์ $uploadfile = $uploaddir.$_FILES['userfile']['name']; $file_name = $_FILES['userfile']['name'] ; $array_last = explode("." ,$file_name) ; $lastname = strtolower ($array_last[1]) ; $lastname_2=".".$lastname; $rand_number=rand(); $file_name=$_POST['ref_id'].$rand_number; if (move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) { $before_name = $uploadfile; $name = $file_name.$lastname_2; $changed_name = $uploaddir.$file_name.$lastname_2; rename("$before_name" , "$changed_name"); //ลดขนาดภาพ if(($lastname =="JPG") or ($lastname=="jpg")){ $ori_file=$changed_name; $ori_size=getimagesize($ori_file); $ori_w=$ori_size[0]; $ori_h=$ori_size[1]; if($ori_w>800){ $new_w=800; $new_h=round(($new_w/$ori_w)*$ori_h); $ori_img=imagecreatefromjpeg($ori_file); $new_img=imagecreatetruecolor($new_w, $new_h); imagecopyresized($new_img, $ori_img,0,0, 0,0, $new_w, $new_h, $ori_w, $ori_h); $new_file=$ori_file; imagejpeg($new_img, $new_file); imagedestroy($ori_img); imagedestroy($new_img); } } return $name; } } if($_FILES['userfile']['name']!=""){ $myfile1_name = $_FILES ['userfile'] ['name'] ; $array_last1 = explode("." ,$myfile1_name) ; $c1 =count ($array_last1) - 1 ; $lastname1 = strtolower ($array_last1 [$c1] ) ; if($lastname1 =="doc" or $lastname1 =="docx" or $lastname1 =="rar" or $lastname1 =="pdf" or $lastname1 =="xls" or $lastname1 =="xlsx" or $lastname1 =="zip" or $lastname1 =="jpg" or $lastname1 =="gif" ) { $file=file_upload(); $sql = "insert into supervision_file(ref_id,subject_code,file_name) values ('$_POST[ref_id]','$_POST[subject_code]','$file')"; $dbquery = mysqli_query($connect,$sql); } } if($_POST['return']==1){ echo "<script>document.location.href='?file=sp1_mobile&school_index=$_POST[school_index]&person_index=$_POST[person_index]&index=1';</script>\n"; } else if($_POST['return']==1.1){ $sql = "select id from supervision_main where ref_id='$_POST[ref_id]' "; $dbquery = mysqli_query($connect,$sql); $result_ref = mysqli_fetch_array($dbquery); $id=$result_ref['id']; echo "<script>document.location.href='?file=sp1_mobile&school_index=$_POST[school_index]&person_index=$_POST[person_index]&index=5&id=$id&page=$_POST[page]';</script>\n"; } else if($_POST['return']==2){ $sql = "select id from supervision_main where ref_id='$_POST[ref_id]' "; $dbquery = mysqli_query($connect,$sql); $result_ref = mysqli_fetch_array($dbquery); $id=$result_ref['id']; echo "<script>document.location.href='?file=sp1&school_index=$_POST[school_index]&person_index=$_POST[person_index]&index=5&id=$id&page=$_POST[page]&remote_user_office=$remote_user_office&remote_user_id=$remote_user_id&remote_login_status=$remote_login_status&remote_sync=$remote_sync';</script>\n"; } else{ echo "<script>document.location.href='?file=sp1&school_index=$_POST[school_index]&person_index=$_POST[person_index]&index=1&remote_user_office=$remote_user_office&remote_user_id=$remote_user_id&remote_login_status=$remote_login_status&remote_sync=$remote_sync';</script>\n"; } } echo "<form Enctype = multipart/form-data id='frm2' name='frm2' action='?file=sp3&index=4' method=post>"; echo "<Br><Br>"; echo "<Table width='300' Border='0' align='center'>"; echo "<Tr align='left'><Td ></Td><Td align='right'>นิเทศ </Td><Td><textarea rows='10' cols='35' name='comment'></textarea></Td></Tr>"; echo "<tr align='left'>"; echo "<Td ></Td><td align='right'>เอกสาร </td>"; echo "<td align='left'><input name = 'userfile' type = 'file'></td>"; echo "</tr>"; echo "<tr align='left' height='70'>"; echo "<Td ></Td><td></td><td align='left'>"; echo "<INPUT TYPE='button' name='smb' value='ตกลง' onclick='goto_upload(1)'>"; echo "</td></tr>"; echo "</Table>"; echo "<INPUT TYPE='Hidden' name='ref_id' value='$_GET[ref_id]'>"; echo "<INPUT TYPE='Hidden' name='subject_code' value='$_GET[subject_code]'>"; echo "<INPUT TYPE='Hidden' name='school_index' value='$_GET[school_index]'>"; echo "<INPUT TYPE='Hidden' name='person_index' value='$_GET[person_index]'>"; echo "<INPUT TYPE='Hidden' name='officer' value='$_GET[officer]'>"; echo "<INPUT TYPE='Hidden' name='return' value='$return'>"; echo "<INPUT TYPE='Hidden' name='page' value='$page'>"; echo "<input type='hidden' name='remote_user_office' value='$_GET[remote_user_office]'>"; echo "<input type='hidden' name='remote_user_id' value='$_GET[remote_user_id]'>"; echo "<input type='hidden' name='remote_login_status' value='$_GET[remote_login_status]'>"; echo "<input type='hidden' name='remote_sync' value='$_GET[remote_sync]'>"; echo "<input type='hidden' name='remote_sync' value='$_GET[remote_sync]'>"; echo "</form>"; ?> <script> function goto_upload(val){ if(val==1){ callfrm2(); } } function callfrm2() { frm2.target = "_self"; frm2.method = "POST"; document.getElementById("frm2").submit(); } </script>
Close
